Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/MJqyCZYJU84DCF15GrKwHN17GKw.roa
File: MJqyCZYJU84DCF15GrKwHN17GKw.roa (raw, json)
Hash identifier: 8TcPgb2pAgyz+Tj6jhnX5sg3TiuSTNHQck5r1DhMZ/M=
Subject key identifier: 30:9A:B2:09:96:09:53:CE:03:08:5D:79:1A:B2:B0:1C:DD:7B:18:AC
Certificate issuer: /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial: FFEF7D
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/MJqyCZYJU84DCF15GrKwHN17GKw.roa
Signing time: Tue 05 Apr 2022 09:29:57 +0000
ROA not before: Tue 05 Apr 2022 09:29:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7155
IP address blocks: 37.9.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16772989 (0xffef7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Validity
Not Before: Apr 5 09:29:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=309ab209960953ce03085d791ab2b01cdd7b18ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6b:fb:32:83:23:ab:1d:33:11:25:77:04:d5:
90:37:08:c6:f9:22:76:c7:ef:a2:1f:d9:5b:27:7a:
47:70:51:ed:d7:6e:7d:d3:35:30:26:e4:6b:aa:e9:
41:95:ee:99:dd:b4:01:84:3c:e3:d0:54:38:11:5a:
f3:01:1e:91:c1:79:84:99:15:c1:12:22:02:42:b4:
72:32:58:13:f8:75:64:5e:26:24:57:0b:2d:8b:e0:
bf:cd:93:ce:f8:f2:19:7a:dc:2c:75:80:bb:44:be:
0d:99:00:3b:a3:34:3f:9e:d9:58:a9:b6:13:72:26:
3e:dc:e7:4c:00:4e:52:7d:56:26:d5:90:16:8e:a6:
9e:33:9f:62:c2:42:39:45:2c:e4:dd:53:98:5f:57:
c6:07:9c:ad:65:12:a7:76:40:43:b6:d7:99:c8:52:
e6:e4:5d:81:19:7d:3b:1b:06:58:b6:17:07:25:92:
84:45:ba:32:d9:07:f2:18:45:eb:10:7f:93:ce:2d:
22:29:d9:f7:59:ae:12:d3:22:e6:14:4b:88:83:b4:
c2:18:52:b3:68:da:3c:76:08:ad:08:72:3e:79:8c:
8c:8b:7d:24:0f:05:ed:4c:87:0c:4c:5a:88:15:af:
9d:20:15:13:3a:59:46:2e:b6:75:b5:54:cf:70:06:
ad:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9A:B2:09:96:09:53:CE:03:08:5D:79:1A:B2:B0:1C:DD:7B:18:AC
X509v3 Authority Key Identifier:
keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/MJqyCZYJU84DCF15GrKwHN17GKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.176.0/21
Signature Algorithm: sha256WithRSAEncryption
04:a9:6f:72:92:f4:15:89:98:04:b5:1b:fd:ff:58:0d:78:c1:
14:23:65:7f:1b:62:18:c8:dc:fe:37:97:13:45:50:12:65:dc:
29:26:c4:8e:86:e9:0d:1b:47:da:00:c8:13:95:df:0a:23:f5:
f2:71:46:0a:dd:3d:50:22:80:b5:d6:03:2c:2d:40:b9:40:30:
2d:50:10:17:37:b2:a9:d1:c8:78:e1:53:01:46:01:37:a1:de:
d8:33:e7:d8:3a:d2:31:fa:c5:ea:32:b9:ea:9f:ad:3a:8c:47:
e5:91:17:3e:88:c3:09:e5:b1:17:34:91:cd:70:30:d3:87:a1:
41:d4:cb:e1:ea:a3:75:0f:d3:f1:4c:05:fb:7c:0b:7e:4d:da:
28:99:00:9a:d4:72:e1:ec:b7:00:df:71:71:64:75:2a:7f:8c:
08:35:5e:a5:e7:ae:82:a4:bb:c5:27:eb:3c:cb:3c:39:f3:ad:
ff:fe:88:f4:cb:d4:1e:d9:62:bb:ef:c7:ba:b2:07:b5:bc:cf:
20:57:6f:d5:81:32:71:e8:8d:44:97:35:da:e6:07:11:18:45:
ff:a4:86:0d:f2:49:61:2a:de:53:40:c1:11:e2:46:cb:a0:16:
0a:dc:d7:0e:e7:53:1f:5c:2b:13:c8:49:67:09:0c:02:12:bc:
53:ac:b9:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAP/vfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY3MWZlYzM4ZjAwYzQwMmYzMDY2ZjEzYzc5MmUxYTBlZDE2ZGIzMB4XDTIyMDQw
NTA5Mjk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA5YWIyMDk5NjA5
NTNjZTAzMDg1ZDc5MWFiMmIwMWNkZDdiMThhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNr+zKDI6sdMxEldwTVkDcIxvkidsfvoh/ZWyd6R3BR7ddu
fdM1MCbka6rpQZXumd20AYQ849BUOBFa8wEekcF5hJkVwRIiAkK0cjJYE/h1ZF4m
JFcLLYvgv82TzvjyGXrcLHWAu0S+DZkAO6M0P57ZWKm2E3ImPtznTABOUn1WJtWQ
Fo6mnjOfYsJCOUUs5N1TmF9XxgecrWUSp3ZAQ7bXmchS5uRdgRl9OxsGWLYXByWS
hEW6MtkH8hhF6xB/k84tIinZ91muEtMi5hRLiIO0whhSs2jaPHYIrQhyPnmMjIt9
JA8F7UyHDExaiBWvnSAVEzpZRi62dbVUz3AGrbMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwmrIJlglTzgMIXXkasrAc3XsYrDAfBgNVHSMEGDAWgBQPZx/sOPAMQC8w
ZvE8eS4aDtFtszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyY2Y3RGp3REVBdk1HYnhQSGt1R2c3UmJiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8x
L01KcXlDWllKVTg0RENGMTVHckt3SE4xN0dLdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8xL0QyY2Y3RGp3REVB
dk1HYnhQSGt1R2c3UmJiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyUJsDANBgkqhkiG9w0BAQsFAAOC
AQEABKlvcpL0FYmYBLUb/f9YDXjBFCNlfxtiGMjc/jeXE0VQEmXcKSbEjobpDRtH
2gDIE5XfCiP18nFGCt09UCKAtdYDLC1AuUAwLVAQFzeyqdHIeOFTAUYBN6He2DPn
2DrSMfrF6jK56p+tOoxH5ZEXPojDCeWxFzSRzXAw04ehQdTL4eqjdQ/T8UwF+3wL
fk3aKJkAmtRy4ey3AN9xcWR1Kn+MCDVepeeugqS7xSfrPMs8OfOt//6I9MvUHtli
u+/HurIHtbzPIFdv1YEyceiNRJc12uYHERhF/6SGDfJJYSreU0DBEeJGy6AWCtzX
DudTH1wrE8hJZwkMAhK8U6y5pw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:05:00 2025 by rpki-client